漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Tandoor Recipes - Stored XSS through Unrestricted File Upload
Vulnerability Description
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The file upload feature allows to upload arbitrary files, including html and svg. Both can contain malicious content (XSS Payloads). This vulnerability is fixed in 1.5.28.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Tandoor Recipes 代码问题漏洞
Vulnerability Description
Tandoor Recipes是Tandoor Recipes开源的一个用于管理食谱、计划膳食、建立购物清单等等的应用程序。 Tandoor Recipes 1.5.28之前版本存在代码问题漏洞,该漏洞源于文件上传功能允许上传任意文件,包括html和svg,两者都可能包含恶意内容。
CVSS Information
N/A
Vulnerability Type
N/A